It all comes down to trust

Apr 26, 2007 08:19 GMT  ·  By

I am more than sure that you are all familiar with the yellow warning bar when browsing with Internet Explorer. Make no mistakes about it, the warnings are a security measure and has been implemented to deliver additional protection. Internet Explorer 7 makes no exception and it too will feature warnings such as the following examples:

This website wants to run the following add-on: 'QuickTime' from 'Apple Computer, Inc.'. This website wants to run the following add-on: 'Windows Media 6.4 Player Shim' from 'Microsoft Corporation' This website wants to run the following add-on: 'Windows Media Player Core' from 'Microsoft Corporation' This website wants to run the following add-on: 'Windows Media Player Extension' from 'Microsoft Corporation'

Usually, such warnings are followed by this "if you trust this website and the add-on and want to allow it to run, click here?"

So what should you do? Is it safe to allow the control to be Run on your machine? And what exactly does Run stand for? Can you build web pages that will not generate such warning messages?

"This warning occurs whenever a web page attempts to execute code on your machine that has not been used previously and is not on the local pre-approved list. This is usually caused by the website trying to use older code. Web Developers often copy-and-paste samples to do things like statistics tracking and media player detection. Some samples that are several years old were written to use old versions of the controls," revealed Jeremy Dallman, IE Program Manager.

Dallman also added that a simple way to prevent this type of security warnings is to build websites that will only look for the freshest releases of QuickTime or Media Player.

IE7 users must also understand the difference between Run and Install. The Run command implies that the code is already installed on the user's machine. By comparison, Install will actually download and deploy completely new code. Either way, users must approve the commands blocked by the Information Bar only for websites that are trustworthy.